Most Popular Cloud Services

Making the Most of the Cloud Since 1996

Latest News and Resources

05/09/2017

Key takeaways from the Q1 2017 Microsoft Security Intelligence Report

Microsoft has published the 22nd edition of its Security Intelligence Report, designed to offer its customers and the tech industry as a whole insight into the latest cyber security threats and the best practice solutions available to guard against security breaches.

This particular report was the first to share quarterly data, as opposed to bi-annual figures, giving readers greater visibility into the cyber threat landscape.

Let’s take a look at the main talking points and insight to come out of the Microsoft Security Intelligence Report 2017:

Attackers turning their attentions to the cloud

The fast-growing demand for cloud-based storage and programme accounts has seen cyber hackers turn their attention to consumer and Enterprise Microsoft cloud accounts. In fact, there has been a 300 percent year-on-year increase in cloud-based user account attacks. The vast majority of these attacks have occurred due to easily guessed passwords, phishing attacks and breaches of third-party services. The report implores users to use unique passwords for every single website and never reuse the same passwords across multiple accounts.

The evolution of ‘drive-by download’ sites

The report discusses a new era of drive-by download sites which host one or multiple exploits capable of targeting vulnerabilities in a user’s web browser and browser add-ons. Those with vulnerable computers can experience malware installations just by visiting a website, without even having to download any files. That’s due to drive-by download pages which are hosted on legitimate websites. Users are redirected to these exploited pages secretly and if the exploit succeeds, the malware is downloaded discretely onto the user’s machine. In March 2017, Bing detected 0.17 drive-by download pages per 1,000 web pages within its index.

Ransomware attacks on the rise

The report notes a significant increase in the number of ransomware attacks, including prominent security breaches such as Petya and WannaCry, which contributed to the disabling of tens of thousands of machines across the globe in the first half of 2017. Microsoft noted significant targeting of ransomware attacks across eastern Europe, namely in the Czech Republic, Hungary, Romania and Croatia.

The importance of updating your operating systems

Microsoft subsequently reinforced the necessity of regularly updating operating systems and other software so that the latest patches are installed and operational on your machine. It also highly recommends users to enforce all security policies that control user access to sensitive data, limiting corporate network access to approved users, locations and devices. Finally, the report also warns users from using public Wi-Fi hotspots which could encourage cyber attackers to gain unwarranted access to personal data.

A breakdown of phishing site impressions

As part of the report, Microsoft also gathers data on phishing sites and impressions using ‘phishing impressions’ generated by those who use SmartScreen and are warned about accessing a known phishing site. Although the number of phishing sites in the online service industry declined over Q1 2017, there was still two-fifths (40 percent) of all phishing sites operational within this sector alone; followed by financial sites (37 percent), up six percent during Q1 2017.

The report urges vigilance among businesses of all shapes and sizes, as well as individual users online to minimise the spread of potentially damaging exploits and malware.

“The move to Office 365 has made a huge difference in terms of productivity and cost. The wide range of communication and collaboration tools has allowed us to concentrate on using our resources more effectively and helped us increase our competitiveness in the market. Hosting our own email would be a real distraction, especially when Cobweb offers a specialist service to do it all, including maintenance and back-up.”

Rob Myles, Director of Technology, REX Features

“We want to keep as much of our IT infrastructure as possible in the Cloud. It’s more cost-effective and Cobweb’s hosting ensures our team can work from anywhere, safely and securely, as well as more productively. Using Skype for Business has enabled us to communicate effectively in real-time. For conference calls, team meetings, solving clients’ queries and supporting them, I’d recommend Cobweb and Skype for Business.”

Laura Mattin, Operations Director at Leadent Solutions

“Email is a business critical application for all3media but I knew from the start that I would not have the time to deal with the daily hassles and threats from spam, viruses, system failures and backups. Security of our systems is a top priority and I wanted to ensure that the solution we put in place would provide comprehensive protection.”

Damien Frost, IT Director of all3media

“The services provided by Cobweb took just six weeks from initial enquiry to being fully operational and have helped us to be more productive and improve our exposure to the academic research community. We now have the perfect public-facing website, with SEO optimisation and easily accessible information for researchers interested in using our services.”
MAHSC-CTU Research & Development Information & Systems Development Manager, Matthew Richardson

"Cobweb delivered the project within budget, utilising available resources, and within the specified timeframe. The project went exceptionally well, with minimal user impact and a very successful migration."